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DETAILED ACTION 

1. This action is responsive to communication: amendment filed 15 July 2005 with 
recognition of a filing date of 7 July 2000. 

2. Claims 5-1 1 are currently pending in this application. Claim 5 is an independent claim. 

Response to Arguments 

3. Applicant's arguments with respect to claims 5-11 have been considered but they are not 
found persuasive. 

With respect to applicant's argument beginning on page 3, "Pending Claims 5-11 are not 
anticipated by Schneider . . . The interface defined by claim 5 is not merely to allow a user to 
"find and access resources" (col. 25, line 26) as disclosed in the Schneider reference. Rather, the 
"user interface" recited in claim 5 permits & user to use the web-based component to set access 
policies". The Office disagrees with argument, Schneider teaches the "web-based" to set access 
policies accessible to users as indicated in previous Office Action as well as below in col. 25, 
lines 12-65. Note in lines 19-22 "In other embodiments, the IntraMap may take the sensitivity 
level of the resource and the trust level of the user's identification into account as well. The 
IntraMap interface is implemented by means of a Java™ applet that runs on any Java-equipped 
World Wide Web browser". This trust level is further explained in the reference that the user 
may act as an administrator see col. 31, lines 17-67. 

With respect to applicant's argument on page 4, "There is no teaching or suggestion in 
the Schneider reference that a web-based tool made available to allow policy mangers to permit 
users to define access policies for the network. Further Schneider teaches away from the 
structure recited in claim 5 by teaching that the users must send an e-mail to an administrator 



Application/Control Number: 09/61 1 ,463 Page 3 

Art Unit: 2134 

when they wish to have access to a particular resource". The Office disagrees with argument 
Schneider teaches that users can act as administrators and that this administration can be done for 
the network or the web see col. 31, lines 17-67. Note the table shown in FIG. 16 indicates user 
can be policy administrators as well as in col. 35, lines 49-67 "If an access filter 203 is being 
used by an administrator to modify access control database 301, then it will additionally have at 
least one working database (WDB) 1903. The working database is a copy of the database that is 
not being used to control access and therefore can be modified by the administrator. The 
administrator does so using a workstation or PC connected via a network to the access filter. The 
workstation or PC displays the administrative graphical user interface described above, and the 
administrator uses the GUI to make the changes as enabled by administrative policies. The 
changes may affect any aspect of the information stored in access control database 301 . As 
indicated above, where the changes are changes in access or administrative policies, the 
administrator can use the policy evaluation feature to see the effect of the changes. When the 
administrator is satisfied with the changes, he or she clicks on the apply button and the changes 
are distributed to all of the access filters and incorporated into each access filter's live database". 

With respect to applicant's argument on page 5, "Claim 5 recites that there are "policy 
manages" who have access to "a policy builder component" and that a different set of "users" are 
given access to the "web-based administration component". The capacity to provide a web- 
based administration component to users (as opposed to policy managers associated with the 
network itself) is neither taught nor suggested in the Schneider reference". The Office disagrees 
with argument Schneider shows that users can be designated administrator and therefore have 



Application/Control Number: 09/61 1 ,463 Page 4 

Art Unit: 2134 

access to policy management via the network see col. 25, lines 12-65, col. 31, lines 17-67, and 
col. col. 35, lines 19-47. 

With respect to applicant's argument on page 5, "it is further respectfully submitted that 
the Schneider reference does not disclose or suggest an interface displaying a grid with nodes 
laid out on axes, as is recited in the claim". The Office disagrees as shown in the reference 
col. 35, lines 55-60 "The workstation or PC displays the administrative graphical user interface 
described above, and the administrator uses the GUI to make the changes as enabled by 
administrative policies." Note a GUI has two axes, the alignment of objects to an axis is well 
known in the art when designing computer programs to be displayed on a computer screen. In 
addition it is also well known in the art there are many different ways to represent information. 
Take for example your typical Excel spreadsheet, the program itself allows the user to decide 
which axis is x and which is y as well as what information to be displayed. Therefore any 
argument applicant directs toward how information is displayed relative to axes is not 
persuasive. The Schneider was used in this application because it clearly shows policy 
management with a group of users and administrators which can be modified over a network. 

Claim Rejections - 35 USC §102 
4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in i he United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language 
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5. Claims 5-11 are rejected under 35 U.S.C 102(e) as being anticipated by Schneider et al. 
U.S. Patent No. 6,178,505 (hereinafter '505). 

As to independent claim 5, "A computer security service for a computer network 
accessible by users and comprising services and resources, the computer security service 
comprising" is taught in '505 col. 7, line 59 through col. 8, line 15; 

"a policy builder component available to one or more policy managers for defining 
access policies for the computer network users, services and resources, and" is shown in col. 
8, line 60 through col. 9, line 10; 

"a web-based delegated administration component accessible to users" is disclosed in 
'505 col. 25, lines 12-65; 

"for defining access policies for the computer network users, services and resources 
the delegated administration component comprising a graphical user interface available to 
users for defining said access policies" is taught in '505 col. 23, lines 15-65. 

As to dependent claim 6, "in which the delegated administration component is 
implemented as a service supported by the computer security service" is shown in '505 col. 
25, lines 12-18. 

As to dependent claim 7, "in which the graphical user interface comprises one or 
more HTML format pages accessible to users" is disclosed in '505 col. 25, lines 23-40. 

As to dependent claim 8, "further comprising a delegated administration definition 
component for defining delegated administration permissions for users whereby users are 
selectively enabled to use the delegated administration component to define access policies 
for specified resources and users" is taught in '505 col, 31, line 17 through col. 32, line 8. 
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As to dependent claim 9, "in which the delegated administration definition 
component further comprises a graphical user interface for displaying a grid having nodes, 
laid out on a first axis and on a second axis, each node corresponding to a variable set of 
users, potentially including the null set, for which delegated administration permissions are 
granted, the position of each node relative to the first and second axes in the grid defining 
the users and the resources, respectively, for which permissions are granted for the node" 
is shown in c 505 col. 31, lines 17-32. 

As to dependent claim 10, "the graphical user interface further comprising an array 
of nodes relative to the second axis for defining specified users enabled to modify user data 
maintained by the computer security service, the position of each node in the array of 
nodes, relative to the first axis, defining the user data for which the modification of data is 
enabled" is disclosed in '505 col. 31, lines 17-32. 

As to dependent claim 11, this claim is directed to a computer readable program code of 
the computer security service of the above claims and is rejected along the same rationale. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to 
expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed 
within TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened 
statutory period will expire on the date the advisory action is mailed, and any extension fee 
pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In 
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no event, however, will the statutory period for reply expire later than SIX MONTHS from the 
mailing date of this final action. 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ellen C Tran whose telephone number is 
(571) 272-3842. The examiner can normally be reached from 6:00 am to 2:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory A Morse can be reached on (571) 272-3838. The fax phone number for the 
organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Ellen Tran 
Patent Examiner 
Technology Center 2134 
20 September 2005 

GREGORY MORSE 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




